| 1.2.3.1.4 Set 'Turn off the 'Publish to Web' task for files and folders' to 'Enabled' | CIS Windows 8 L1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| 2.2 Ensure the ESXi host firewall is configured to restrict access to services running on the host | CIS VMware ESXi 6.7 v1.3.0 Level 1 Bare Metal | Unix | SECURITY ASSESSMENT AND AUTHORIZATION, SYSTEM AND COMMUNICATIONS PROTECTION |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2019 STIG v3.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2025 v1.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.7 (L1) Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2019 v4.0.0 L1 DC | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.7 Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2016 STIG v3.0.0 STIG MS | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.7 Ensure 'Allow log on locally' is set to 'Administrators, ENTERPRISE DOMAIN CONTROLLERS' (DC only) | CIS Microsoft Windows Server 2022 STIG v2.0.0 L1 Domain Controller | Windows | ACCESS CONTROL, AUDIT AND ACCOUNTABILITY |
| 2.2.29 Configure 'Log on as a service' | CIS Windows 7 Workstation Level 2 v3.2.0 | Windows | ACCESS CONTROL |
| 3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly Restricted | CIS Apache HTTP Server 2.2 L1 v3.6.0 | Unix | ACCESS CONTROL |
| 3.11 Ensure Group Write Access for the Apache Directories and Files Is Properly Restricted | CIS Apache HTTP Server 2.4 v2.2.0 L1 | Unix | ACCESS CONTROL, MEDIA PROTECTION |
| 4.10.20.1.10 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' | CIS Microsoft Intune for Windows 10 v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 BL | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' | CIS Microsoft Windows 10 Enterprise v4.0.0 L2 | Windows | CONFIGURATION MANAGEMENT |
| 18.9.20.1.11 (L2) Ensure 'Turn off the 'Publish to Web' task for files and folders' is set to 'Enabled' | CIS Microsoft Windows 10 Stand-alone v4.0.0 L2 NG | Windows | CONFIGURATION MANAGEMENT |
| AIOS-15-010500 - Apple iOS/iPadOS 15 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 14 v1r4 | MDM | CONFIGURATION MANAGEMENT |
| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | AirWatch - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| AIOS-17-010500 - Apple iOS/iPadOS 17 must implement the management setting: limit Ad Tracking. | MobileIron - DISA Apple iOS/iPadOS 17 v2r1 | MDM | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Allow META REFRESH | MSCT Windows Server v2004 DC v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow META REFRESH | MSCT Windows Server v20H2 MS v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow META REFRESH | MSCT Windows 10 v2004 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| Allow META REFRESH | MSCT Windows 10 v21H1 v1.0.0 | Windows | CONFIGURATION MANAGEMENT |
| DISA_Apple_macOS_15_Sequoia_STIG_v1r3.audit from DISA Apple macOS 15 (Sequoia) STIG v1r3 | DISA Apple macOS 15 (Sequoia) STIG v1r3 | Unix | |
| DISA_Canonical_Ubuntu_20.04_LTS_STIG_v2r2.audit from DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | DISA Canonical Ubuntu 20.04 LTS STIG v2r2 | Unix | |
| DISA_Canonical_Ubuntu_24.04_LTS_STIG_v1r1.audit from DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | DISA Canonical Ubuntu 24.04 LTS STIG v1r1 | Unix | |
| DISA_CloudLinux_AlmaLinux_OS_9_STIG_v1r2.audit from DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | DISA CloudLinux AlmaLinux OS 9 STIG v1r2 | Unix | |
| DISA_IBM_WebSphere_Traditional_9_v1r1_Middleware.audit for DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | DISA IBM WebSphere Traditional 9 STIG v1r1 Middleware | Unix | |
| DISA_STIG_Adobe_Acrobat_Pro_XI_v1r2.audit from DISA Adobe Acrobat Pro XI V1R2 STIG | DISA STIG ADOBE ACROBAT PROFESSIONAL (PRO) XI v1r2 | Windows | |
| DISA_STIG_Apache_Server-2.2_Unix_v1r11.audit from DISA Apache 2.2 Unix STIG v1r11 | DISA STIG Apache Server 2.2 Unix v1r11 | Unix | |
| DISA_STIG_Apple_macOS_12_v1r9.audit from DISA Apple macOS 12 (Monterey) v1r9 STIG | DISA STIG Apple macOS 12 v1r9 | Unix | |
| DISA_STIG_Apple_macOS_13_v1r5.audit from DISA Apple macOS 13 (Ventura) v1r5 STIG | DISA STIG Apple macOS 13 v1r5 | Unix | |
| DISA_STIG_Microsoft_Dot_Net_Framework_4.0_v2r6.audit from DISA Microsoft DotNet Framework 4.0 v2r6 STIG | DISA STIG for Microsoft Dot Net Framework 4.0 v2r6 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_9_v1r15.audit from DISA Microsoft Internet Explorer 9 v1r15 STIG | DISA STIG Microsoft Internet Explorer 9 v1r15 | Windows | |
| DISA_STIG_Microsoft_Internet_Explorer_11_v2r5.audit from DISA Microsoft Internet Explorer 11 v2r5 STIG | DISA STIG IE 11 v2r5 | Windows | |
| DISA_STIG_Microsoft_Office_365_ProPlus_v3r3.audit from DISA Microsoft Office 365 ProPlus v3r3 STIG | DISA STIG Microsoft Office 365 ProPlus v3r3 | Windows | |
| DISA_STIG_Microsoft_Office_System_2013_v2r2.audit from DISA Microsoft Office System 2013 v2r2 STIG | DISA STIG Microsoft Office System 2013 v2r2 | Windows | |
| DISA_STIG_Ubuntu_16.04_LTS_v2r3.audit from DISA Canonical Ubuntu 16.04 LTS v2r3 STIG | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | |
| DISA_STIG_VMware_vSphere_6.7_RhttpProxy_v1r3.audit from DISA VMware vSphere 6.7 RhttpProxy v1r3 STIG | DISA STIG VMware vSphere 6.7 RhttpProxy v1r3 | Unix | |
| DISA_STIG_VMware_vSphere_ESXi_6.5_Bare_Metal_Host_v2r4.audit from DISA VMware vSphere 6.5 ESXi v2r4 STIG | DISA STIG VMware vSphere ESXi OS 6.5 v2r4 | Unix | |
| DISA_VMware_vSphere_8.0_ESXi_STIG_v2r3.audit from DISA VMware vSphere 8.0 ESXi STIG v2r3 | DISA VMware vSphere 8.0 ESXi STIG v2r3 | Unix | |
| DTAVSEL-004 - The McAfee VirusScan Enterprise for Linux 1.9.x/2.0.x On-Access scanner must be configured to decompress archives when scanning. | McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| DTOO176 - Email with InfoPath forms must be configured to show UI to recipients. | DISA STIG Microsoft InfoPath 2013 v1r6 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| DTOO176 - InfoPath - Email with InfoPath forms must be configured to show UI to recipients. | DISA STIG Office 2010 InfoPath v1r12 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| Ensure HTTP server is not enabled | Tenable Cisco Firepower Management Center OS Best Practices Audit | Unix | CONFIGURATION MANAGEMENT |
| ESXi.firewall-restrict-access | VMWare vSphere 6.5 Hardening Guide | VMware | SYSTEM AND COMMUNICATIONS PROTECTION |
| EX13-CA-000165 - Exchange must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Microsoft Exchange 2013 Client Access Server STIG v2r2 | Windows | CONFIGURATION MANAGEMENT |
| EX16-MB-002870 - The application must be configured in accordance with the security configuration settings based on DoD security configuration or implementation guidance, including STIGs, NSA configuration guides, CTOs, and DTMs. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | CONFIGURATION MANAGEMENT |
| SP13-00-000150 - The SharePoint Central Administration site must not be accessible from Extranet or Internet connections. | DISA STIG SharePoint 2013 v2r4 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
| VCPF-67-000007 - Performance Charts log files must only be modifiable by privileged users. | DISA STIG VMware vSphere 6.7 Perfcharts Tomcat v1r3 | Unix | AUDIT AND ACCOUNTABILITY |
| VCWN-65-000016 - The vCenter Server for Windows must only send NetFlow traffic to authorized collectors. | DISA STIG VMware vSphere vCenter 6.5 v2r3 | VMware | CONFIGURATION MANAGEMENT |
| WBLC-08-000210 - Oracle WebLogic must terminate the network connection associated with a communications session at the end of the session or after a DoD-defined time period of inactivity. | Oracle WebLogic Server 12c Windows v2r2 | Windows | SYSTEM AND COMMUNICATIONS PROTECTION |
